package com.yumeng.framework.auth.security.access;

import com.yumeng.common.api.ApiCode;
import com.yumeng.common.utils.ResponseUtils;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;

import java.io.IOException;

/**
 * 访问拒绝处理器（JSON）（用于前后端分离）
 *
 * @author wxd
 * @date 2025/2/19 10:34
 */
public class JsonAccessDeniedHandler implements AccessDeniedHandler {

    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
        String msg = "Access Denied".equals(accessDeniedException.getMessage()) ? "访问被拒绝" : String.format("访问被拒绝：%s", accessDeniedException.getMessage());
        ResponseUtils.writeJson(response, ApiCode.FORBIDDEN, msg);
    }

}
